On 01.09.2014 11:47, David Herrmann wrote: > Hi > > On Mon, Sep 1, 2014 at 9:51 AM, Stef Walter <st...@redhat.com> wrote: >> On 18.08.2014 18:22, Lennart Poettering wrote: >>> I have now pushed this, after reworking this on top some major changes >>> to bus_verify_polkit(), which avoids having to pass the original >>> callbacks through to the function that ultimately does the verification. >>> >>> While merging I also made another change, you are probably not going to >>> like: I turned of the interactivity for the polkit checks. Interactivity >>> needs to be optional, and it currently is for all out polkit-enabled bus >>> methods. And we should do the same for the PID 1 offered methods. >> >> Ugh. >> >>> Now, of course, we should open this up for inetractive (after all, >>> that's what polkit is good for), but we probably need a new set of >>> methods for that, which take the original arguments but also take a >>> boolean argument to enable ineractivity. Hence, we probably should have >>> StartUnit2() in addition to StartUnit(). >> >> That seems ugly. I think we should either: >> >> * Have a method which we can invoke to make a client opt into >> interactive polkit prompting for any invoked method. >> >> * Version all the org.freedesktop.systemd1.Manager to >> org.freedesktop.systemd1.Manager2 or something like that and support >> both interfaces. > > We had the idea to reserve a single bit in the dbus message header for > that. See the discussion on the dbus-ML: > http://lists.freedesktop.org/archives/dbus/2014-August/016294.html
Thanks. > It looks like the most sane way to resolve this issue, imho. I guess so. Makes a lot of sense. We'll need to see how backportable this ends up being for all of libdbus, gdbus ... of hand it doesn't that seem *that* invasive if it's just a flag. Otherwise (for Cockpit) we'll end up doing the brain-dead wrapping all systemd APIs with yet another daemon that just does interactive polkit authentication :S Will keep an eye on this. Cheers, Stef _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
